CrowdStrike tried to go back to business as usual at one of the world’s largest annual cybersecurity conferences
At the annual Black Hat cybersecurity conference, hundreds of cybersecurity professionals descended upon the Mandalay Bay Convention Center in Las Vegas on Wednesday morning. Dozens of companies were showcasing their products in the corridors of the venue.
CrowdStrike, a business that has recently become well-known, was positioned in the front row with one of the largest booths—but not because of its skill at thwarting malevolent hackers.
A flawed software update released by CrowdStrike on July 19 crashed at least 8.5 million computers worldwide, delaying flights, interfering with hospital operations (including some surgeries), and severely impairing the
operations of several U.S. government agencies in addition to numerous other organizations that had to manually restart computers and servers in order to resume business as usual.
CrowdStrike has been providing updates on its own investigation into t
he incident ever since. Along with offering $10 Uber Eats gift cards, the firm expressed its “sincere gratitude and apologies for the inconvenience” to its partners, some of whom needed hours to recuperate from the incident.Before Uber reported the voucher as fraudulent “due to high usage rates,” a CrowdStrike representative said, a number of recipients—some of whom thought the gift was tone deaf—were unable to use the gift card.
In less than three weeks, a few workers of CrowdStrike were tasked with the challenging task of presenting the company’s offerings at its convention exhibit. Dozens of people lined up as soon as the doors opened. Not only were they there to pick up T-shirts and action figures made by the company to represent some of the nation-state and cybercriminal groups it tracks—like Aquatic Panda, an espionage group with ties to China, and Scattered Spider, an extortion ring purportedly responsible for the Okta and MGM Resorts cyberattacks last year—but they were also there to purchase merchandise.
We’re here to give you free stuff,” a CrowdStrike employee told people gathered around a big screen where employees would later give demos.
A conference attendee looked visibly surprised. “I just thought it would be dead, honestly. I thought it would be slower over there. But obviously, people are still fans, right?
For CrowdStrike at Black Hat, there was an element of business as usual, despite its global IT outage that caused widespread disruption and delays for days — and even weeks for some customers. The conference came at the same time as CrowdStrike released its root cause analysis that explained what happened the day of the outage. In short, CrowdStrike conceded that it messed up but said it’s taken steps to prevent the same incident happening again. And some cybersecurity professionals attending Black Hat appeared ready to give the company a second chance.
On the action figures’ boxes stacked at the company’s booth, which were getting restocked constantly, CrowdStrike wrapped a message addressing the outage. “Adversaries aren’t stopping. Neither are we,” the message read. “Resilience starts with us. Our focus remains with you.”
The company projected the same message onto a large screen in the hallway that leads from the Mandalay Bay casino to the convention center.
CrowdStrike’s senior director of corporate communications, Kevin Benacci, told TechCrunch that “the message shares our gratitude and appreciation for the Black Hat community, as well as the support we have received post incident.”
Before Uber reported the voucher as fraudulent “due to high usage rates,” a CrowdStrike representative said, a number of recipients—some of whom thought the gift was tone deaf—were unable to use the gift card.
In less than three weeks, a few workers of CrowdStrike were tasked with the challenging task of presenting the company’s offerings at its convention exhibit. Dozens of people lined up as soon as the doors opened. Not only were they there to pick up T-shirts and action figures made by the company to represent some of the nation-state and cybercriminal groups it tracks—like Aquatic Panda, an espionage group with ties to China, and Scattered Spider, an extortion ring purportedly responsible for the Okta and MGM Resorts cyberattacks last year—but they were also there to purchase merchandise.
“Technical team members in the booth addressing the incident,” Benacci said, according the company.
TechCrunch visited the exhibit on Thursday and observed not only a few sales engineers demonstrating the product, but also Chris Kachigian, vice president of global solutions architecture at CrowdStrike, who holds a technical position in the organization.
CrowdStrike’s CEO George Kurtz was also at the Black Hat Innovators & Investors Summit — an event within the conference that requires a separate payment, which means it’s not open to all attendees. Kurtz appeared on a panel, according to the company, as well as posts by two conference attendees.
Panel of CEOs on startup exit strategies including @George_Kurtz
Chenxi: “it’s been a long two weeks for you George. Thanks for being here.
So what happened?!”
Crowd got a good laugh. pic.twitter.com/AI07xiIwA6
— Matt Johansen (@mattjay) August 6, 2024
To gauge how front-line defenders in the cybersecurity industry reacted to the massive outage, TechCrunch spoke to more than a dozen conference attendees who visited the CrowdStrike booth. More than half of attendees we spoke with expressed a positive view of the company following the outage.
Does this make me think less of their potential as a cutting-edge security company? I don’t think so,” declared a government worker in the United States, who claimed to use CrowdStrike daily. Since he was not permitted to speak with the media, the employee requested to remain nameless.
Another US government worker who acknowledged using CrowdStrike for work, Brian Wilson, claimed he hasn’t lost faith in the company and that he will keep using its products. A security engineer going by Eric L. told TechCrunch that while the outage did disrupt a portion of his organization, it was able to recover in less than a day. He stated that his opinion of CrowdStrike has not changed and that he is “absolutely not” considering moving to a different provider. “CrowdStrike was really good at providing remediation guidance and doing everything they could to kind of make things right,” he told reporters.
“They are the best in the game; they are the best in class,” he remarked.